If you save your configuration as a MY_CONNECTION.conf file in your /etc/openvpn directory, you can do the following:

systemctl enable openvpn@MY_CONNECTION
systemctl start openvpn@MY_CONNECTION

where MY_CONNECTION is the same from MY_CONNECTION.conf.

So if you have multiple connections, you would have multiple systemctl calls.

systemctl enable openvpn@MY_CONNECTION1
systemctl start openvpn@MY_CONNECTION1
systemctl enable openvpn@MY_CONNECTION2
systemctl start openvpn@MY_CONNECTION2

etc.


Below you find the steps I did to configure my Private Internet Access (PIA) OpenVPN tunnel. I use Switzerland.ovpn to refer to OpenVPN configuration. Please substitute this with the filename appropriate for your configuration.

I used Ubuntu 18.04, but it should work on any Linux distro using systemd. I only don't know if the network-manager will override this or not.

Dependencies

  1. sudo apt update
  2. sudo apt install openvpn

OpenVPN Configuration

  1. sudo mkdir /etc/openvpn/PIA (change PIA to the name of your choice)
  2. Download your OpenVPN config files, for example:

    sudo wget https://www.privateinternetaccess.com/openvpn/openvpn.zip https://www.privateinternetaccess.com/openvpn/openvpn-strong.zip
    
  3. (Extract and) copy the config file into the newly creted folder (here, /etc/openvpn/PIA)

  4. cd /etc/openvpn/PIA

Skip steps 7 to 10 if you do not use a password

  1. (optional) sudo touch piapass.txt
  2. (optional) sudo chmod 700 piapass.txt
  3. (optional) Type sudo nano piapass.txt and put the following content (changing username and password to the values appropriate for your configuration)

    username
    password
    
  4. (optional) Type sudo nano Switzerland.ovpn and change the auth-user-pass line to auth-user-pass /etc/openvpn/PIA/piapass.txt

  5. Test the connection sudo openvpn Switzerland.ovpn

Systemd Startup Service Setup

Change piavpn.service for whatever name you would like your startup OpenVPN connection service to have.

  1. cd /etc/systemd/system/
  2. sudo touch piavpn.service
  3. sudo chmod 644 piavpn.service
  4. Type sudo nano piavpn.service and put the following content (make sure to adapt the line starting with ExecStart to match your configuration):

    [Unit]
    Description=Private Internet Access VPN (Swiss)
    After=multi-user.target
    
    [Service]
    Type=idle
    ExecStart=/usr/sbin/openvpn --config /etc/openvpn/PIA/Switzerland.ovpn
    
    [Install]
    WantedBy=multi-user.target
    
  5. sudo systemctl daemon-reload

  6. sudo systemctl enable piavpn.service
  7. sudo reboot

After the reboot your OpenVPN connection should be set up automatically on boot.


Indeed @xm88, you want to automatically provide credentials at boot time when openvpn service is started up without user interaction or typing

In your oven config file (.conf on raspbian, but whichever extension is needed in your case)

    client
...
    auth-user-pass $yourCredentialsFile
    [some more config]
    <ca>
    -----BEGIN CERTIFICATE-----
    etc etc

And right next to your config file, a plain text file named $yourCredentialsFile which will contain:

username
password

I must advise this is not best practice in terms of security, because credentials are plain and available to any user who has access to your openvpn config dir /etc/openvpn, but this will allow openvpn service to auto login when started up at boot time.